PRoblem with event firing twice in HTTPModule

Vote:
 
I'm trying to handle the need to run authentication prior to the page load, so that the page you land on has the correct authentication level without a need to refresh. I'm using an HTTPModule, and add a method that does the authentication using: AddHandler context.BeginRequest, AddressOf Me.ProcessRequest (ProcessRequest is the method called to do the handling) However, if I'm logged in as one user, and try to login as another (or actually switch authentication level is more lie it), the method fires twice - the first time it authenticates with the new login, and the second time it authenticates with the original user/password entry?!? This means it can't get to the second login. I have found if I then manually refresh after this, episerver does pick up the new login requirement, and is set properly. Anyone had this problem or something like it, and have a solution?
#12515
Mar 25, 2008 18:35
Vote:
 
I assume that you have a login control on all pages, allowing log-in on each page, and handle the login in the click event of a button. But, the authentication happens to late in order for the rest of the page to see that a user has logged in (menus and other lists will not be shown in context of the logged in user, but as the Anonymous user.) And, you don't want the extra redirect in order for the standard EPiServer authentication to occur. Also, I assume that you, in your ProcessRequest method, extract the username and password and authenticate the user. To my knowledge, the BeginRequest event should only fire once for your page. Have you checked if they are for the same page? The 404 handler is also an ASP.NET request (if you have configured it correctly), so an erroneous image link in your design will actually trigger the event. If my assumptions are incorrect, please tell me, there might be a better way to accomplish what you're trying to do :-) /Steve
#14407
Mar 25, 2008 18:44
Vote:
 
Thanks for your reply. Your assumptions are essentially correct, and I am not aware of any erroneous links that would trigger the event. Furthermore, we have now determined that the behaviour varies from one client machine to another - ie on some we need to click refresh in order for the second login to work correctly, while on others it works first time...So now we are wondering whether this is a client side issue... Does this ring any bells? thanks s.
#14408
Mar 25, 2008 18:44
Vote:
 
Try adding logging to your code (log4net) and log the request url to see if the requests are for different resources, and see if one of them is the 404 handler. (Not beeing aware of, and beeing sure is not the same thing :-) Not sure about the client thing though... could it be different cache settings? /Steve
#14409
Mar 25, 2008 18:44
Vote:
 
Possibly, but it seems sometimes a machine that is working suddenly stops working with no apparent change to the back-end. This alteration then tends to hang around - which does I think maybe sound like something cached is causing it. I'll be looking into cache settings today in a side-by-side comparison, and I'll post the outcome. However, we're getting other weirdnesses. 1) If you're an administrator - As soon as you start doing something in a page - such as put something in a textbox, you lose the various episerver items from the right-hand click menu - this seems reasonable to me, however, can someone confirm you should expect this? 2) If you go into 'edit', you can do the onscreen edit stuff and save, and it appears to save. However, if you go off the page and come back, it's not been applied. It IS applied if you've done the edit in 'Quick Edit' or via admin mode though. Anyone seen this?
#14410
Mar 25, 2008 18:44
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.